CIS Controls Inspire Law Graduate

Law Graduate Finds Inspiration with CIS Controls for Vendor Assessments

Recently CIS had a conversation with Jamal Hartenstein, who has combined his two passions – cybersecurity and the law – into a specialized law practice. As a liaison between IT and legal groups, Mr. Hartenstein became aware of the CIS Controls through his employer’s CISO. Reading the California Attorney General’s report, he learned the CIS Controls are now considered a reasonable standard of care in the State of California for securing business information. He recognized a unique business opportunity to leverage his many years of experience as an IT professional, and his law degree, to find ways to help businesses validate their compliance with the CIS Controls and also protect them in the event of litigation.

Third-Party Assessment

Mr. Hartenstein is a highly skilled technical consultant with experience in data privacy, policy, and governance. He is currently working on a gap assessment of his client’s environment that will include a crosswalk of the identified security gaps to both the CIS Controls and the NIST Cybersecurity Framework. He believes it is important to have an assessment to show areas in need of improvement, as well as one that results in actionable items.

Future Endeavors

With his cybersecurity expertise and legal background, Mr. Hartenstein plans to open a cybersecurity law firm. He believes that organizations in California are likely to face increasing cybersecurity regulation and will likely be required to attest to their levels of compliance if problems arise. In those cases, he plans on using the CIS Controls as a means of assessing an organization’s security posture and providing legal services for responding to incidents that may occur.

Commitment to Cybersecurity

Mr. Hartenstein is a seasoned IT professional with multiple certifications and progressive experience in a range of security disciplines. His commitment to cybersecurity is growing and evolving to meet current trends in the cyber landscape, and he is well positioned in the Northern California business community.

About Jamal Hartenstein

Jamal Hartenstein, J.D., PMP, has 14 years of Information Technology experience. He is a graduate of the University of the Pacific – McGeorge School of Law, and served in the U.S. Army Military Intelligence Corps. He holds many certification, and is a member of a number of respected organizations.